General
-
Target
1349316e7a40b141bed9b55a8271d86434e168ff6efd248c1fa5af4e05c1c248.exe
-
Size
1005KB
-
Sample
241217-cl72ssyjbj
-
MD5
e984d47ddddd227739d93d4712eec8fa
-
SHA1
c10c8fbb4afc6d0ec5754ee95cfd4b3e4df4b3f8
-
SHA256
1349316e7a40b141bed9b55a8271d86434e168ff6efd248c1fa5af4e05c1c248
-
SHA512
67c5fe2605be68f0f35193df1186924ee34fe3c1d65909bcdb34def6863f07aa9b444064690080a8e018efae9e1ac08c26442364d1a3e2488ebf932f8e05c643
-
SSDEEP
24576:cu6J33O0c+JY5UZ+XC0kGso6FacEjfddHksiaZhdcWY:Gu0c++OCvkGs9Facqf/iafY
Malware Config
Extracted
vipkeylogger
Protocol: smtp- Host:
mail.htcp.homes - Port:
587 - Username:
[email protected] - Password:
7213575aceACE@@ - Email To:
[email protected]
Targets
-
-
Target
1349316e7a40b141bed9b55a8271d86434e168ff6efd248c1fa5af4e05c1c248.exe
-
Size
1005KB
-
MD5
e984d47ddddd227739d93d4712eec8fa
-
SHA1
c10c8fbb4afc6d0ec5754ee95cfd4b3e4df4b3f8
-
SHA256
1349316e7a40b141bed9b55a8271d86434e168ff6efd248c1fa5af4e05c1c248
-
SHA512
67c5fe2605be68f0f35193df1186924ee34fe3c1d65909bcdb34def6863f07aa9b444064690080a8e018efae9e1ac08c26442364d1a3e2488ebf932f8e05c643
-
SSDEEP
24576:cu6J33O0c+JY5UZ+XC0kGso6FacEjfddHksiaZhdcWY:Gu0c++OCvkGs9Facqf/iafY
Score10/10-
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.
-
Vipkeylogger family
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-